<?php

require_once 'config.inc';
require_once('_db.inc');
require_once('_ui.inc');
require_once '_bank.inc';
// Create a database connection
$conn = db_connect(BANK_DB_USER, BANK_DB_PASSWORD);

 ui_print_header('Bank - Verify Revealed Money Orders');

 $moneyOrders = db_do_query($conn,'SELECT * FROM mo_blinded where BATCH=' .$_POST['batch']. ' and mo_n<>' .$_POST['chosen']);


 //  $mo_array = array();
 foreach ($moneyOrders as $MO){
 	//print_r($MO);
	//check if the unblinded money order match blinded money order
		if (!verify_blinded($_POST[MOstr][$MO['MO_N']], $MO[BLINDED_MO], $_POST[R][$MO['MO_N']])){
			echo "The #" . $MO['MO_N'] ." unblinded money order is not match with the blinded money order!\nYou are cheating!";
			exit;
		}
}


 if (!verify_MO($_POST[MOstr])) echo "You are cheating!\n";
 else {
 	echo "You passed the first verification.\n Now please:";
 	$unblindedMO = array_pop($_POST[MOstr]);
 
 echo <<<END

	<form name="form1" method="post" action="2R_5_CustomerRevealIDStrings.php">
	<table width="500" border="0" cellspacing="1" cellpadding="3" align=center>
			<tr>
			<td>
			<input type="hidden" name="batch" value="$_POST[batch]">
			<input type='hidden' name='chosen' value="$_POST[chosen]">
			<input type='hidden' name='unblindedMO' value="$unblindedMO">
			<input type="submit" name="reveal" value="Reveal ID Strings"></td>
			</tr>
			</table>
			</form>
 
END;
}
ui_print_footer(date('Y-m-d H:i:s'));
oci_close($conn);
?>